Before we learn to limit logon attempts we need to know parameter -
What is a parameter?
Parameter is the set of keys and values to manage the SAP system.There are two types of parameters -
- Static: - It needs a restart. It doesn't effect to the system immediately once you set the value for it.
- Dynamic: - It does not need restart. It effects to the system immediately once you set the value for it.
How to view a parameter?
Step 1) Execute T-code RZ11.
- Put parameter name "login/fails_to_session_end" in text-field.You can put any Parameter name.
- Click Display
Step 3) The screen below shows the current value set for the parameter by the admin
In order to change a parameter, click the pencil icon and make desired changes
Important Parameters to limit login attempts
- login/fails_to_session_end: This parameter specifies the number of times that a user can enter an incorrect password before the system ends the logon attempt. The parameter is to be set to a value lower than the value of parameter
- login/fails_to_user_lock: This parameter specifies the number of times that a user can enter an incorrect password before the system locks the user against further logon attempts. Default value is 12. You can set it to any value between 1 and 99 inclusive.